Description
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3436)
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2020-4461)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (3.7.0)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)